CVE-2023-4863

libwebp: OOB write in BuildHuffmanTable

Description

Google and Mozilla have released security advisories for RCE due to heap overflow in libwebp. Google warns the vulnerability has been exploited in the wild.

libwebp needs to be updated to 1.3.2 to include a patch for "OOB write in BuildHuffmanTable".

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

APT

Publish Date

September 12, 2023

Modified Date

August 7, 2024

Score Vector

Affected Versions